More selinux questions
Gene Heskett
gene.heskett at verizon.net
Sun Feb 3 11:05:26 UTC 2008
Greetings;
After several failures on Sunday mornings to properly rotate some logs
generated by fetchmail, I give up and need help.
logrotate can kill fetchmail ok, but cannot restart it, and I've now tried
both of these invocations in the postrotate script, and both fail, sending
me emails to that effect:
system_u:system_r:unconfined_t:s0 is not a valid context
error: error running non-shared postrotate script for /var/log/fetchmail.log
of '/var/log/fetchmail.log /var/log/procmail.log '
fetchmail: no process killed
system_u:system_r:unconfined_t:s0 is not a valid context
error: error running non-shared postrotate script for /var/log/procmail.log
of '/var/log/fetchmail.log /var/log/procmail.log '
I had tried your recommended launching line this week after the su gene -c
version failed last week:
runcon -t unconfined_t -- runuser -l -c "fetchmail -d 90 --fetchmailrc /home/gene/.fetchmailrc" gene
Which generated the above message, and this one:
su gene -c "fetchmail -d 90 --fetchmailrc /home/gene/.fetchmailrc"
which works to restart it from a shell just fine. The runcon version works
at bootup time just fine, so why can't I use it in a logrotation script?
I think I see one problem though, with both logs named in the same script,
its doing 2 killalls of fetchmail, so I'll make those 2 separate scripts I
guess. Done.
But how DO I relaunch fetchmail in the postrotate section?
Also, in /etc/croon.daily, tmpwatch is having trouble, from the same email
from cron as above:
/etc/cron.daily/tmpwatch:
error: failed to lstat /tmp/.spamassassin5459PpduEPtmp: Permission denied
What is this? I thought anything could use /tmp for anything...
It exists:
-rw------- 1 gene gene 3298 2008-01-07 20:49 .spamassassin5459PpduEPtmp
Humm, from the cli:
[root at coyote logrotate.d]# lstat /tmp/.spamassassin5459PpduEPtmp
-bash: lstat: command not found
But, take off the el and just run stat
[root at coyote logrotate.d]# stat /tmp/.spamassassin5459PpduEPtmp
File: `/tmp/.spamassassin5459PpduEPtmp'
Size: 3298 Blocks: 8 IO Block: 4096 regular file
Device: fe00h/65024d Inode: 26378244 Links: 1
Access: (0600/-rw-------) Uid: ( 500/ gene) Gid: ( 500/ gene)
Access: 2008-02-01 02:24:19.000000000 -0500
Modify: 2008-01-07 20:49:23.000000000 -0500
Change: 2008-01-07 20:49:23.000000000 -0500
Typu in a script someplace?
Thanks for any clarification offered here.
--
Cheers, Gene
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
How much of their influence on you is a result of your influence on them?
More information about the fedora-selinux-list
mailing list